ietf-asrg
[Top] [All Lists]

Re: [Asrg] DCC and IP addresses

2003-03-07 22:42:46
From: Kee Hinckley <nazgul(_at_)somewhere(_dot_)com>

...
So why give you the IP address?  Why not encode it with a one-way 
hash/encryption?  All IP addresses will code the same, but the 
database will have no way to determine what IP addresses were passed.

One-way hash functions are relevant only when the plaintext is
unknown.  If the bad guy knows the plaintext such as an SMTP sender
or an IP address, then the bad guy can compute the hash.  He can
trivially invert the hash function.

For example, assume the checksum database has records that contain
"cksum(IP address) sent cksum(msg)" and you can somehow guess the
contents of the message and the block 10.1.0.0/16 of addresses. 
Then you can make a few thousand queries of the form "how many messages
with cksum M were sent from the address with with cksum I" to discover
whether that message was sent and if so from which IP address.

The privacy problem is like that of the U.S. Census.  How do you
release some of the Census data without releasing all of it?  For
example, assume the system refuses to answer the question "what was
the household income of the family as 124 Main Street?" but will answer
general queries like "how many families living on the 100 block of
Main St. have at least 2 children and an income of more than $10,000?"
or "how many families on the North side of Main Street and fewer than
3 children have an income of less than $20,000?"  Unless the system lies,
you can trick it blabbing the forbidden answer.  Even if the system lies,
it's hard to be sure it won't blab through a tricky series of questions.


Vernon Schryver    vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>